Lucene search
+L

102 matches found

Prion
Prion
added 2020/05/04 7:15 p.m.16 views

Design/Logic Flaw

LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users...

6.8CVSS7.5AI score0.00809EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/05/04 6:26 p.m.40 views

CVE-2020-10622

LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users...

7.5AI score0.00809EPSS
Exploits0References1
CVE
CVE
added 2020/05/04 6:26 p.m.67 views

CVE-2020-10622

CVE-2020-10622 affects LCDS LAquis SCADA up to version 4.3.1. The vulnerability is due to improper input validation that allows unauthorized users to create arbitrary files. It requires local access and user interaction, with a high impact on confidentiality, integrity, and availability. Remediat...

7.8CVSS7.5AI score0.00809EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/05/04 6:24 p.m.57 views

CVE-2020-10618

CVE-2020-10618 affects LCDS LAquis SCADA versions 4.3.1 and earlier. The available connected documents indicate a vulnerability that could lead to sensitive information exposure by unauthorized users. No explicit exploitation vector, attacker capabilities, or remediation steps are provided within...

5.5CVSS5.2AI score0.00832EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2020/04/29 12:0 a.m.4 views

LCDS LAquis SCADA Input Validation Error Vulnerability

LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. An input validation error vulnerability exists in LCDS LAquis SCADA version...

7.8CVSS6.9AI score0.00809EPSS
Exploits0References1
ICS
ICS
added 2019/08/01 12:0 a.m.72 views

LCDS LAquis SCADA LQS File Parsing

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: LCDS—Leão Consultoria e Desenvolvimento de Sistemas LTDA ME Equipment: LAquis SCADA Vulnerabilities: Out-of-bounds Read, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

7.8CVSS5.8AI score0.01002EPSS
Exploits0References6
NVD
NVD
added 2019/03/27 6:29 p.m.22 views

CVE-2018-18994

LCDS Laquis SCADA prior to version 4.1.0.4150 allows an out of bounds read when opening a specially crafted project file, which may cause a system crash or allow data exfiltration...

7.8CVSS7.5AI score0.01054EPSS
Exploits0References1
Prion
Prion
added 2019/03/27 6:29 p.m.16 views

Design/Logic Flaw

LCDS Laquis SCADA prior to version 4.1.0.4150 allows an out of bounds read when opening a specially crafted project file, which may cause a system crash or allow data exfiltration...

7.8CVSS6.8AI score0.01054EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/27 5:38 p.m.28 views

CVE-2018-18994

LCDS Laquis SCADA prior to version 4.1.0.4150 allows an out of bounds read when opening a specially crafted project file, which may cause a system crash or allow data exfiltration...

6.9AI score0.01054EPSS
Exploits0References1
CVE
CVE
added 2019/03/27 5:38 p.m.57 views

CVE-2018-18994

CVE-2018-18994 affects LCDS LAquis SCADA prior to version 4.1.0.4150, where opening a specially crafted project file can trigger an out-of-bounds read, potentially causing a system crash or data exfiltration. The vulnerability is addressed by upgrading to 4.1.0.4150 per NVD/NCCIC advisories; no e...

7.8CVSS6.8AI score0.01054EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/03/27 4:29 p.m.13 views

Code injection

Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process...

6.8CVSS7.8AI score0.01205EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/03/27 4:29 p.m.13 views

CVE-2019-6536

Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process...

7.8CVSS7.8AI score0.01205EPSS
Exploits0References2
CVE
CVE
added 2019/03/27 3:25 p.m.54 views

CVE-2019-6536

CVE-2019-6536 concerns LAquis SCADA’s ELS file handling. Affected: SCADA 4.1.0.4150. Vulnerability: out-of-bounds write (CWE-787) in ELS file processing that may allow code execution in the context of the current process. Technical details across sources vary: ZDI describes remote code execution ...

7.8CVSS7.8AI score0.01205EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/03/27 3:25 p.m.17 views

CVE-2019-6536

Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process...

7.8AI score0.01205EPSS
Exploits0References2
ICS
ICS
added 2019/03/14 12:0 a.m.69 views

LCDS LAquis SCADA ELS Files

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: LCDS—Leão Consultoria e Desenvolvimento de Sistemas LTDA ME Equipment: LAquis SCADA Vulnerability: Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution...

7.8CVSS1.9AI score0.01205EPSS
Exploits0References28
OSV
OSV
added 2019/02/05 6:29 p.m.4 views

CVE-2018-19002

LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash...

7.8CVSS6AI score0.02668EPSS
Exploits0References2
Prion
Prion
added 2019/02/05 6:29 p.m.18 views

Code injection

LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server...

6.8CVSS8.8AI score0.01984EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/02/05 6:29 p.m.25 views

CVE-2018-18998

LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges...

9.8CVSS9.4AI score0.02375EPSS
Exploits0References2
OSV
OSV
added 2019/02/05 6:29 p.m.6 views

CVE-2018-18986

LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds read, which may cause a system crash, allow data exfiltration, or remote code execution...

7.8CVSS6.1AI score0.02668EPSS
Exploits0References2
Prion
Prion
added 2019/02/05 6:29 p.m.16 views

Out-of-bounds

LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds read, which may cause a system crash, allow data exfiltration, or remote code execution...

8.3CVSS8AI score0.02668EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder